The Trusted Internet Connections program has begun working with agencies on such architectures, but it's only one step toward modernization.

An unnamed embassy is routing cloud traffic through an on-site TIC access point, rather than backhauling network data to headquarters.

CISA's guidance should be finalized faster than its predecessor, opening the door to four more potential use cases, said the TIC program manager.